MacDailyNews - Where Mac news comes first

well, it's too late to me. I already updated mac os x 10.4.7. so I don't have any flaw. screw up trojan!

YESS!!!!!!!!

That is what I'm talking about MDN. That Biff... what is the matter with him? He's not very bright:


"Why don't you make like a tree and get out of here"

"That's about as funny as a screen door on a battleship"

bla

spreads by Bluetooth?...So I am suppose to fear someone coming within Bluetooth range with an infected Mac?

COME ON!!!

Where are the network viruses and email viruses...even a good Word Macro virus would be more threatening!

MDN can shoot a nothing story off a dog's ear at 500 yards, Tannen!

Doc: The Symantec!! RUN FOR IT MARTY!!




MARTY: Let's see if these bastards can do 90....


90% market share is where apple will be in 2015. Will you get your car a hover conversion?

Great closing analogy, MDN!

"His actions are in part to demonstrate that Apple software is not unbreakable, he has said."

Somebody should tell this to use his skills for the betterment of mankind, rather than trying to prove points that don't need proving.

He must really want to get into the spotlight shining on Apple right now. Sometimes you have to give up the things you want the most to do what's right.

o...k.... so something that could have happened but never did can no longer happen. im sooo glad i know this so i dont have to worry about it - or i could have never known about it and not wrried about it lol

"90% market share is where apple will be in 2015"

would that be possible with apple doing the hardware and software? im sure legal issues would start to arise after 40-50% like licensing etc

How convenient that this worm found by Symantec comes out, just days after they posted some losses in the stock market....

It's kind of hard to spread a Mac virus when there are only about 13 users world wide. LOL

Andy,

I am not sure, but I don't think that that is true. A company is allowed to make multiple products that they sell work only with other products that they sell, such as Sony cameras and sony memory sticks, without doing anything illegal. I can't imagine that just because a product is a hit it would all of a sudden become against the law.

Also, Apple computers run plenty of operating systems (now including windows) as well as Macintosh, so I can't imagine that if Apple computers take off any laws would be broken.

You're a slacker, No Kool Aid! A slacker!

That was the best MDN take ever. You guys are the just the best. Happy 4th to everyone at MDN!

Strickland: I know what you're thinking and I ain't buying a subscription to the Saturday Evening Post.

Kool Aid:

Billy G. and his Jonestown tea party went --> thataway...

On today's menu we have a delicious Distant Vista tea... on ice!

Would you like some lovely Office 2007 croissants to go with... oh, sorry. They aren't ready yet.

I'm using both OS X and WinXP, and I don't use any antivirus on neither one...

IT IS NOT HARD TO AWOID GETTING A VIRUS!!!

- just don't click "download" when you're on a pornsite -

(yes, it is that easy)

" I can't imagine that just because a product is a hit it would all of a sudden become against the law."

Well, marijuana seems to be a great hit.

1. ALL platforms are vulnerable to trojans.

2. As MDN pointed out, coding a proof-of-concept trojan the day after the flaw is fixed doesn't count.

The moral of the story? Turn off all unnecessary services & access points, never download anything from an untrusted source (DUH!!), and keep your security updates current, even with OS X.

All of which are common sense. No news here.

MDN I have read many takes on this site, but that, i must say, is the winner.

Sorry Symantec but I'm already at 10.4.7 and your story of FUD is to late even if it was true. I also read that it can only be done to a local machine. In other words someone with physical access, so the chance of this happening is sooooo, loooowwwww it's like, whatever.

Here's how the exploit works

>www.digitalmunition.com/DMA[2006-0628a].txt<

So nice of him to release this exploit when most Mac's are not updated yet.

$5 says Symantec created the trojan based on this info to pump up their sales, what's REALLY FSCKING BAD is Apple Stores sells Symantec's crap software right next to brand new Mac's.

What's the use touting Mac OS X security against viruses when they sell anti-malware software right next to new Macs?

THIS LAUNCHD was written BY APPLE to take over cerain aspects of UNIX's ROCK SOLID SECURITY and ITS A MISTAKE BY APPLE IN THE LAUNCHD code thats responsible.

HELLO APPLE, YOU HAVE A COMPROMISED EMPLOYEE THATS ALLOWING THESE EXPLOITS

It goes to show it's by using UNIX is what makes Mac OS X secure, but Apple can't seem to make WHAT THEY CODE SECURE!!

MDW: "Entire" Like Apple needs to closely examine their ENTIRE codebase, right here, right now. SCREW LEPOARD.

mlm, i have used xp and no, its not useable at all on the internet, the last time i reinstalled a copy for a friend it was infected 5 minutes after being back online with no protection

Is Symantec f*^&#xin;g serious? Are that _THAT_ desperate to try to lure Mac users into buying there CrapWare?

I despise everything that has to do with them. Ugh...vomit.

what's REALLY FSCKING BAD is Apple Stores sells Symantec's crap software right next to brand new Mac's.

What's also bad is Apple doesn't have most of these updates available at the Apple Stores; you HAVE to download them.

Not all of us have broadband (it's not even available in my neighborhood). When even a small update is 20 megs, it sucks.

I'd gladly pay Apple $5 to $10 to get updates on disk. Anybody listening?

Hmm....advices from Symantec, the company producer of some products could lead to a third person to take control of your system. Of course this is already patched....but after the "discovery" (wonder how much time they did spend in that, cannot recall the whole story)

Bravo!!!

Why doesn't Apple sue the little prick for writing "virus' or malware." Maybe just take a complaint to the local gendarmes or the Feds. Joris Evers needs to meet his maker (Symantec).

Guys don;t be so harsh. The corporate PC virus development department spent months of overtime making these viruses so we would need to actually buy AV software. So give them a "golf clap".

I said it months ago.....These companies make the viruses that effect PC's to keep the AV software sales up. With this article they finally showed their hand. The question is..was the intention of the anouncement to scare the common OS X user or to let Apple know that they are working hard to make OS X as vunerable as Windoze.

Just my $0.02

Symantec didn't find or discover this worm. As is fully documented on their Security Focus site:

http://www.securityfocus.com/bid/18724/info

"Credit: Kevin Finisterre of DigitalMunition is credited with the discovery of this vulnerability."

dial up

Just contact Apple or OtherWorld Computing.

I'm sure either one will provide some sort of disk by mail solution.


Heck you can even download the files with a PC at a local internet cafe, burn it to dvd and stick it in your Mac.

I couldn't care less. I've been using Macs since 1995 and never, ever got a virus or trojan from System 7.5 up to OS X 10.4.7.
With such track record do you really think I'm going to worry now?!?

Knock Knock

Who's there?

The sky is falling.

Oh it's just Symantec bums again

Leave Mac users alone, Microsoft is the desperate company take a look at this.
http://www.nytimes.com/2006/06/29/technology/29pogue.html?ex=1151812800&en=739dcf991b70b68e&ei=5087

Symantic warns of new proof-of-concept 'trojan horse' for Mac OS X...


yea... trojan horseshit. call me when there is a real threat.

It's FUD Season again!

This happens everytime Apple is getting close to a major event...

What is happening is that Apple is going to be making some major OS revelations and announcements in 5 weeks at the WWDC... and those fearful of Apple are ramping up the FUD...

If you have an Apple Store near you, if the folks at the Genius Bar aren't swamped with switchers looking for the Start button they'll often burn a disk with the updates for you...or if you're on a laptop just bring it in and plug it in to their Ethernet connection to download the updates (they did that for me with my old clamshell iBook when I needed to update the firmware before installing OS X but I didn't have an Internet connection at the time -- long story there...).

NOT EVERYONE IS A MAC GEEK WHO RUNS SOFTWARE UPDATE EVERY 5 MINUTES AND HAS AN ORGASM OVER THE LATEST VERSION OF OS X.

There are probably millions of Macs running 10.4.6 and earlier.

Dennis: Sounds like you want to be able to do the stuff that only Vista will allow you to do. A pity that Vista is only a Beta2 pipe-dream so far.

Thank goodness for OSX where we can do all and so much more than what Vista can and have been doing on the most part since 2001.

I have heard that 98% of Windows users would prefer to use a Macintosh instead, but are prevented from doing so by some IT oompa loompa that would rather keep you in their pocket, another $50 per hour thing and lie almost like doctors do, I'm the professional I can say what I like and this numbskull won't know the difference!

Honestly I see this all the time whenever I drop by a friends PC Hardware Store, Windows users seem only too happy to hand over hard earned cash just for a quick 5 minute fix and then only end up coming back for another round a few days later.

I only go into such places to buy hard drives, ink cartridges etc.

Windows for me is just for gaming, the forerunner and companion to the Xbox & 360.

Get a Brain, Get Wise, Get an iLife and Get a Mac!

On the issue that not everyone has 10.4.7, older hardware and such, my G3 350 Yosemite installed and runs 10.4.7 happily.

Although I am now in the process of removing the G3, my very first Mac, so there is the issue of sentiment there, but I am seeking other ways to still use the G3.

As for the above Symantec thing, yes it is all about market forces, trying to sell their product and make money out of folks who should know better, that being the majority of Mac Users by default, why else use a Mac to get on and make great things, earn more on average than a PC guy?

My college has a wireless network, which requires certificate registration and installation on students own laptop hardware, there is the policy about having anti-virus software, so I have been using ClamXav and made the odd donation now and again, though this is optional and won't prevent you from using ClamXav as normal.

How many companies, like Symantec & McAfee, will allow you to still use their software (legally) without paying for it?

Can I Sue Symantec For Selling Me Software That Hasn't Worked? I Have Had Their Anti Virus Software On My Mac On And Off Over The Period Of 7 Years And Yet Still Hasn't Found And Removed A Single Virus From My Mac.

one of the comments there is worth to fully report here:

Setting the record straight - again.
Reader post by: Terry Murphy
Posted on: June 29, 2006, 2:38 PM PDT
Story: Attack code out for Apple flaw
Kevin Finisterre, founder of security startup Digital Munition
referenced in this article was interviewed by Security Focus on
2/27/06 (See http://www.securityfocus.com/columnists/389)

Since this Cnet article appears to needlessly try and resuscitate
the Bluetooth InqTana worm scare, the following excerpt from
Finisterre's interview is worth noting:

Q. In your paper, it sounds like both 10.4 and 10.3 were
vulnerable, but aren't any longer. Is that right?

A. The Bluetooth bug that InqTana exploits has been patched for
some time now.

In the same interview, Finisterre remarks about the less than
vigorous tendencies journalists have pertaining to accurately
reporting of software security issues:

Q. Did any antivirus company acknowledge that this was a lab
creation that would have a hard time spreading? Do you think
the vendors treated this well or as a marketing ploy?

A. Although blatantly mentioned in most of the antivirus threat
notices, you will find that folks are still implying that the code
will actually spread. I think this is a bit misleading. The fact of
the matter is that InqTana is not spreading and physically cannot
(spread) without a third party making their own variant.
Headlines like New Mac Worm Spreads Via Bluetooth and Second
Apple worm targeting Macs found are slightly skewed. First, the
code is not spreading in any sense of the word nor was it
"found" anywhere Since most articles are copied and pasted from
the same source, you will find that a number of sources correctly
identify this as "proof of concept." Quite a few folks actually
mention the fact that it is both time limited and crippled to a
specific set of Bluetooth addresses.

Unfortunately, not here. The present Cnet article continues the
"accuracy be damned" approach and relies on sensationalistic
claims while downplaying the actual (proof of concept) nature of
the issue. And in the present case, an issue for which nothing
exists in the wild and an issue for which a patch (10.4.7) has
already been released.

Once again. Windows users can only dream that they have it this
good.

This just proves that OSX is going to be the most hacked operating system in history. With more holes then swiss cheese, expect to see exploits blow up every macintosh that ever existed. This is even funnier when you take into account that no one on a Macintosh runs an anti-virus program (crucial for any computer on the net) and most are so stupid and misinformed that they wouldn't know a virus or malware if it bit them on the ass.

When ultra-secure Vista comes out at the end of the year it will mark the final end to both the Macintosh and Apple. With viruses and malware crashing every Mac and Apple unable to stop the wave they will have to stop producing computers and eventually go out of business. We already see this will the ever falling stock price as investors realize how much trouble Apple is in.

Time to buy a real computer from HP or Lenovo.

Static,

Just contact Apple or OtherWorld Computing.

I'm sure either one will provide some sort of disk by mail solution.

I'll have to check OWC. Apple won't.

As for Internet cafes... I'd rather run without the updates.

With more holes then swiss cheese, expect to see exploits blow up every macintosh that ever existed. -- Mac Realist my Ass

Plain silly, stupid and uninformed. A computer must be visible before any malware could even try to compromise it. (*visible* meaning responding to unsolicited port probes and packet traffic). After being visible, that is after having acknowledged its presence on the net it must have a port that is open to incoming traffic without filtering and/or monitoring it. Mac OS X has oll ports closed by default. Then the malware must be able to exploit flaws without intervention by the user.

While all above happens regularly on Windows, it does not happens easily on Unix in general nor on OS X where it is even more difficult.

Moreover, the majority of Mac users know pretty well Windows in their work places hence they know exactly all that concerns virus, bots, spyware and the like. Feeling safe on the Mac is not by ignorance, but out of knowing exactly what happens on Windows and knowing exactly that it cannot happen the same way on OS X.

There is not going any wave on OS X for the same reasons there are no waves of any kind of Linux and Unix in general. FreeBSD Unix, which NextOS has its roots in and OS X which essentially is the next NextOS enjoy from the very same reasons FreeBSD Unix has stellar record on security.

It is time to buy a computer that can run EVERYTHING rather than limiting on something that is mediocre, already flawed by over 100,000 malware threats. Only and idiot and uninformed zombie could nowaday suggest to buy a computer that can only run Windows and Linux vs a computer that can run Windows, Linux, and OS X.

Mac Realist, thanks for showing us all that idiocy is still alive and kicking.

When ultra-secure Vista comes out at the end of the year

LOL, what a troll.

You do not even know that Microshaft already announced further delays and cuts on Vista. It is not expected before Q2 of 2007.

AHHHUHHUAHHAHAHOHOHHOAHAHAO

end of year....

oahahhahahhuhhuohhhoho

ultra-secure...

ahdahdhahhahahhahehohohohoh

There are already Vista virus around and kits to build worms for Vista AND IT IS NOT EVEN OUT YET!!!!!!!!!!!!!!!!!!!!!

AHAHHAHEOHHUHUHEOAHHAOHAHHAHAHU

Must sux big time to be so frigging stupid on Windows world. No surprise Gates has so many $s, there are so many Windows COWS to milk around.

AHAHHOAHEHHHAHAHOAHAOHEHAHOEHAHEHAOH

Mac Realist, you are a joke.

this Mac TROLL Realist my ASS?

the proof of concept (which part of it you do not understand microcephalus?)
comes after a patch for it has been released.

When ever Microsucks released a patch BEFORE flaws where exploited, corporations lost billions, and trolls like you were screwed from the back with sand as lubricant and moaning like old sluts?

it is a proof of concept released after it has been patched and patching OS X is not a risky business as for Windows so much so that corporations go months after months of test every one of it because every patch M$ releases breaks their infrastructure.

Enjoy your sand lubricated ass fucking Windows zombie troll. You deserve it.

Don't forget to close the door when you are outta here, lowlife lobster.

Don't worry, I'll explain to you:

Lobster: "a tail full of meat and a head full of shit"

d i a l u p,

Take a blank disk into a retail store. They should let you download and burn the update on one of the store machines. Or if it is portable, on the airport network in the store.

AppleGuy

"Plain silly, stupid and uninformed."

No, that's you iPlodder.

"A computer must be visible before any malware could even try to compromise it."

No most PC attacks start with someone opening an attachment, browsing to a web page and so on. The weakest link in most Operating systems is located between the keyboard and the chair

"(*visible* meaning responding to unsolicited port probes and packet traffic). After being visible, that is after having acknowledged its presence on the net it must have a port that is open to incoming traffic without filtering and/or monitoring it. Mac OS X has oll ports closed by default. Then the malware must be able to exploit flaws without intervention by the user. "

Yep, and unless you know nothing about Windows trojans, you'll understand that's how it usually happens. Open ports running buggy services are helpful but sure not the way most PCs get infected.

"While all above happens regularly on Windows, it does not happens easily on Unix in general nor on OS X where it is even more difficult."

There is essentially no difference in the stupidity of PC vs Mac users. Except that Mac users believing they're invulnerable are more likely to do something dumb.

no news: "2. As MDN pointed out, coding a proof-of-concept trojan the day after the flaw is fixed doesn't count."

Given that most PC exploits happen through old vulnerabilities for which a patch already exists, it sure does matter.

Virus, you do not even make up for your nickname.

Those are not virus per-se, those are worms and spyware and trojans. A virus is independent from idiots behind the keyboard. Automatic spreading is what causes havoc on corporations. A virus only needs the PC to be online and that is what causes automatic exponential spread on Windows.

For other attacks you need idiots mostly on Windows.

No Mac user believes to be invulnerable. Only Winblowers do believe that about Mac users.

Again: plain silly, stupid and uninformed.

If a virus does not propagate automatically is not a virus, it's a joke. For the rest, you need suckers.

BTW, ever tried to get a malware on OS X via email? On winblows the attached malware often executes at opening the email.

Not even the need to be idiot on Windows: suffice a bad day at work and little less than careful behavior.

To be affected on OS X you truly need an idiot and authorize the malware multiple times before it does have even the lightest chance to do anything.
So far, only 2, TWO, users have ever been affected by malware on OS X by a proof of concept.

Get real.

MDN "next" - How appropriate.